[libvirt] [PATCH v7 00/19] Add support for vTPM state encryption

Stefan Berger posted 19 patches 4 years, 8 months ago
Test syntax-check passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20190725182215.1304300-1-stefanb@linux.vnet.ibm.com
[libvirt] [PATCH v7 00/19] Add support for vTPM state encryption
Posted by Stefan Berger 4 years, 8 months ago
This series of patches addresses the RFE in BZ 172830:
https://bugzilla.redhat.com/show_bug.cgi?id=1728030

This series of patches adds support for vTPM state encryption by passing
the read-end of a pipe's file descriptor to 'swtpm_setup' and 'swtpm'
where they can read a passphrase from and derive a key from that passphrase.

The TPM's domain XML to enable state encryption looks like this:

    <tpm model='tpm-tis'>
      <backend type='emulator' version='1.2'>
        <encryption secret='2c9ceaba-c6ef-4f38-86fd-6e3adb2df5cd'/>
      </backend>
    </tpm>

The vTPM secret holding the passphrase looks like this:

<secret ephemeral='no' private='yes'>
  <uuid>2c9ceaba-c6ef-4f38-86fd-6e3adb2df5cd</uuid>
  <description>vTPM passphrase example</description>
  <usage type='vtpm'>
    <name>vtpm_example</name>
  </usage>
</secret>


swtpm v0.2 is needed, which supports the command line option
--print-capabilities returning a JSON object that identifies features added
since v0.1. One such feature is the possibility to pass a passphrase via a
file descriptor.

The patches do some refactoring of existing code on the way.

  Stefan

v1->v2:
 - Added Marc-André's R-bs
 - Addressed comments
 - Added patches to extend virCommand to be able to write contents of multiple
   buffers to file descriptors for a spawned process to read from

v2->v3:
 - Fixed some pointer issues following conversion to use VIR_AUTOFREE

v3->v4:
 - Added test case for virCommandSetSendBuffer() to commandtest.c
 - Addressed other issues raised by Marc-André

v4->v5:
 - Simplified encryption node in TPM's domain XML and adapted everything that
   depends on this; dropped some patches and removed some R-bs for non-trivial
   stuff
 - Not limiting write size for fd's with O_NONBLOCK set

v5->v6:
 - Addressed comments on v5

v6->v7:
 - Stubbed out virCommandSetSendBuffer if F_SETFL is not defined. Also having
   'the other' occurrence of F_SETFL cause an error if F_SETFL is not defined.

Stefan Berger (19):
  secret: Add support for usage type vTPM, extend schema and test case
  tests: Add already existing test case tpm-emulator-tpm2
  conf: Extend TPM XML parser with encryption support
  tests: Add test for TPM XML encryption parser and formatter
  tests: Add tests for QEMU command line generation with encrypted TPM
  tpm: Move qemuTPMEmulatorInit to virTPMEmulatorInit in virtpm.c
  tpm: Refactor virTPMEmulatorInit to use loop
  tpm: Check whether previously found executables were updated
  tpm: Parse the capabilities supported by swtpm and swtpm_setup
  utils: Implement function to pass a buffer to send via a fd to
    virCommand
  utils: Convert pollfd array to be allocated
  utils: Mark inpipe as non-blocking
  utils: Extend virCommandProcessIO to include the send buffers
  tests: Extend command test to transfer large data to process on
    multiple fds
  tpm: Use fd to pass password to swtpm_setup and swtpm
  tpm: Pass migration key passphrase via fd to swtpm
  tpm: Check TPM XML device configuration changes after edit
  docs: Extend Secret XML documentation with vtpm usage type
  docs: Extend TPM docs with new encryption element

 docs/formatdomain.html.in                     |  12 +
 docs/formatsecret.html.in                     |  61 +++-
 docs/schemas/domaincommon.rng                 |  11 +
 docs/schemas/secret.rng                       |  10 +
 include/libvirt/libvirt-secret.h              |   1 +
 include/libvirt/virterror.h                   |   2 +
 src/conf/domain_conf.c                        |  87 ++++-
 src/conf/domain_conf.h                        |   6 +
 src/conf/secret_conf.c                        |  13 +
 src/libvirt_private.syms                      |  10 +
 src/qemu/qemu_driver.c                        |  28 ++
 src/qemu/qemu_extdevice.c                     |   2 +-
 src/qemu/qemu_extdevice.h                     |   3 +
 src/qemu/qemu_tpm.c                           | 211 ++++++++-----
 src/util/vircommand.c                         | 171 +++++++++-
 src/util/vircommand.h                         |   5 +
 src/util/virerror.c                           |   2 +
 src/util/virsecret.c                          |   2 +-
 src/util/virtpm.c                             | 298 +++++++++++++++++-
 src/util/virtpm.h                             |  23 ++
 tests/commandhelper.c                         |  70 +++-
 tests/commandtest.c                           | 113 +++++++
 .../tpm-emulator-tpm2-enc.x86_64-latest.args  |  35 ++
 .../tpm-emulator-tpm2-enc.xml                 |  32 ++
 tests/qemuxml2argvtest.c                      |   1 +
 .../tpm-emulator-tpm2-enc.xml                 |  36 +++
 tests/qemuxml2xmltest.c                       |   2 +
 tests/secretxml2xmlin/usage-vtpm.xml          |   7 +
 tests/secretxml2xmltest.c                     |   1 +
 29 files changed, 1168 insertions(+), 87 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2-enc.x86_64-latest.args
 create mode 100644 tests/qemuxml2argvdata/tpm-emulator-tpm2-enc.xml
 create mode 100644 tests/qemuxml2xmloutdata/tpm-emulator-tpm2-enc.xml
 create mode 100644 tests/secretxml2xmlin/usage-vtpm.xml

-- 
2.20.1

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
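The passphrase hand-off the cover letter describes, as an added C illustration that is not libvirt's virCommandSetSendBuffer code: the parent marks the pipe's write end O_NONBLOCK and polls instead of capping write sizes, while a forked child standing in for swtpm reads the secret from the inherited read end until EOF. The 100 KiB zero-filled payload is constructed here only to exceed the pipe buffer and exercise the EAGAIN path; in libvirt the descriptor is handed to swtpm_setup and swtpm across exec rather than to a forked child.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>
/* Write all of buf to a non-blocking fd: when the pipe is full, wait in poll()
 * and retry on EAGAIN rather than capping the write size (cf. the v4->v5 note). */
static int send_all(int fd, const char *buf, size_t len)
{
    struct pollfd pfd = { .fd = fd, .events = POLLOUT };
    for (size_t off = 0; off < len; ) {
        if (poll(&pfd, 1, 5000) <= 0) return -1;     /* timeout or poll error */
        ssize_t n = write(fd, buf + off, len - off);
        if (n < 0 && (errno == EAGAIN || errno == EINTR))
            continue;                                /* pipe full, poll again */
        if (n < 0) return -1;
        off += (size_t)n;
    }
    return 0;
}
/* Hand a passphrase to a child over the read end of a pipe, as the series does
 * for swtpm_setup/swtpm, so it never appears in argv or the environment. The
 * child stands in for swtpm: it reads until EOF and exits 0 only if it received
 * exactly the bytes sent. Returns 0 on a verified round trip, -1 otherwise. */
int pass_secret_via_fd(const char *secret, size_t len)
{
    int pfds[2], status;
    if (pipe(pfds) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                         /* child: the consumer side */
        close(pfds[1]);
        char *got = malloc(len + 1);        /* one spare byte detects overrun */
        size_t n = 0; ssize_t r;
        while (got && n <= len && (r = read(pfds[0], got + n, len + 1 - n)) > 0)
            n += (size_t)r;
        _exit(got && n == len && memcmp(got, secret, len) == 0 ? 0 : 1);
    }
    close(pfds[0]);                         /* parent keeps only the write end */
    fcntl(pfds[1], F_SETFL, fcntl(pfds[1], F_GETFL) | O_NONBLOCK);
    int rc = send_all(pfds[1], secret, len);
    close(pfds[1]);                         /* EOF marks the end of the secret */
    if (waitpid(pid, &status, 0) < 0 || rc < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status) == 0 ? 0 : -1;
}
/* Constructed zero-filled 100 KiB payload: larger than a 64 KiB Linux pipe buffer. */
static char big_secret[100 * 1024];
```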
Re: [libvirt] [PATCH v7 00/19] Add support for vTPM state encryption
Posted by Daniel P. Berrangé 4 years, 8 months ago
On Thu, Jul 25, 2019 at 02:21:56PM -0400, Stefan Berger wrote:
> This series of patches addresses the RFE in BZ 172830:
> https://bugzilla.redhat.com/show_bug.cgi?id=1728030
> 
> This series of patches adds support for vTPM state encryption by passing
> the read-end of a pipe's file descriptor to 'swtpm_setup' and 'swtpm'
> where they can read a passphrase from and derive a key from that passphrase.
> 
> The TPM's domain XML to enable state encryption looks like this:
> 
>     <tpm model='tpm-tis'>
>       <backend type='emulator' version='1.2'>
>         <encryption secret='2c9ceaba-c6ef-4f38-86fd-6e3adb2df5cd'/>
>       </backend>
>     </tpm>
> 
> The vTPM secret holding the passphrase looks like this:
> 
> <secret ephemeral='no' private='yes'>
>   <uuid>2c9ceaba-c6ef-4f38-86fd-6e3adb2df5cd</uuid>
>   <description>vTPM passphrase example</description>
>   <usage type='vtpm'>
>     <name>vtpm_example</name>
>   </usage>
> </secret>
> 
> 
> swtpm v0.2 is needed, which supports the command line option
> --print-capabilities returning a JSON object that identifies features added
> since v0.1. One such feature is the possibility to pass a passphrase via a
> file descriptor.
> 
> The patches do some refactoring of existing code on the way.

This series is now pushed to GIT, thanks for your work on it 


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|